Correcting Inaccuracies About DeviceLock
In the December 2006 issue of Windows IT Pro, SmartLine's DeviceLock 6.0 was included in the comparative product review "Client Device Managers" (InstantDoc ID 93926). The reviewer, Karl D. Middlebrooks, made claims about DeviceLock that are incorrect. We'd like to set the record straight for Windows IT Pro's readers and our customers.
Mr. Middlebrooks wrote, "Unfortunately, DeviceLock provides no out-of-the-box way to produce reports on the logging data, so a third-party reporting utility is required to make the best use of the audit trail." This statement and the row in the article's product feature table that indicates DeviceLock does not include reporting tools are incorrect. Through the DeviceLock Enterprise Manager (DLEM) console that is installed by default, DeviceLock has several obvious "out-of-the-box" reporting tools and doesn't require third-party solutions. In version 6.0, which was reviewed in the article, the following enterprise reporting tools are easily accessible:
- Permissions reports, for determining access and audit policy settings on managed endpoint computers.
- Audit Log Viewer reports (with sorting and wildcard filtering by column), for working with standard logging DeviceLock data from managed endpoint computers.
- Plug 'n' Play Auditor reports, for determining what USB, FireWire, and PCMCIA devices have been or currently are installed on endpoint computers. This report can also be used to populate the USB White List database.
- Shadow Log Viewer reports (with sorting and wildcard filtering by column), for working with DeviceLock Data Shadow logs from managed endpoint computers.
Pricing plays a major role in the decision to purchase any product. Unfortunately, the pricing listed for DeviceLock in the article is incorrect and represented only the purchase of a single DeviceLock license—which retails for $35.00 per computer— whereas the two competing products were compared at volume pricing for 25 licenses—respectively, $25.00 and $27.50 per computer. DeviceLock's volume pricing for 25 licenses is $22.00 per computer. Volume pricing for 100 seats is $15.50 per computer, and pricing for 1,000 seats is $7.40 per computer. DeviceLock's volume pricing information is available at http://www.devicelock.com.
Mr. Middlebrooks stated that only Centennial Software's DeviceWall 4.0 has a "Deny Permission" feature. In fact, DeviceLock's permission parameter is called NO ACCESS and performs the same function. DeviceLock also provides a Read-Only permission parameter for ports and devices that can store files.
Finally, Mr. Middlebrooks reported that DeviceLock doesn't use the grouping of computers for policy settings. It's true that DeviceLock doesn't use any foreign constructs or database abstracts of the environment as other solutions do to "artificially group" computers. However, through the DeviceLock Enterprise Manager console, an administrator can leverage native directory structures and containers to represent "Groups of Computers" to list and select for similar policies, such as "Organizational Units (OUs)," "Computer Types," "LDAP OUs," and/or importing computer names from a set list. Administrators can also choose to multiselect any desired computers from a domain container or network list.
Like many of you, we believe that Windows IT Pro continues to be a highly respected, trusted news source for our industry. We appreciate the opportunity to set the record straight about DeviceLock.
—Chris Heinemann Manager, Marketing Communications, AdvancedForce InfoSecurity Solutions, Inc.
The Value of Vista
Regarding Karen Forster's IT Pro Perspective: "The Value of Vista, Office, and Exchange" (January 2007, InstantDoc ID 94455), I'm the network admin for a small college in Wisconsin, and I can tell you that we're not planning to move to Vista any time soon. Heck, we're only grudgingly considering 64-bit upgrades to our OSs. The big problems: hardware upgrade costs and software incompatibility. For example, we can't easily afford to migrate off Windows Messenger 5.1, which is incompatible with Vista. Moreover, many of the basic Windows Server 2003 admin tools don't run properly on Vista (or on 64-bit systems)—which is, by the way, a lack of professional polish that I consider unacceptable. Although members of our staff have gotten the admin pack and other tools to run on Vista by manually registering DLLs and copying a few files manually into different system folders, my belief is that Microsoft—which presumably wants our business—should be offering Vista-compatible tools right off the bat. After all, IT departments are the early adopters; if we're just going to use remote desktop to connect to another workstation to do our basic administrative tasks (as Microsoft workarounds suggest), what value is there in Vista to us?